We have released LibreSSL 2.1.4, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.
This release adds a number of new security features, makes building
privilege-separated programs simpler, improves the libtls API
and enhances Windows support.
User-visible features:
* Improvements to libtls:
- a new API for loading CA chains directly from memory instead of a
file, allowing verification with privilege separation in a chroot
without direct access to CA certificate files.
- Ciphers default to TLSv1.2 with AEAD and PFS.
- Improved error handling and message generation
- New APIs and improved documentation
* Added X509_STORE_load_mem API for loading certificates from memory.
This facilitates accessing certificates from a chrooted environment.
* New AEAD "MAC alias" allows configuring TLSv1.2 AEAD ciphers by
using 'TLSv1.2+AEAD' as the cipher selection string.
* New openssl(1) command 'certhash' replaces the c_rehash script.
* Server-side support for TLS_FALLBACK_SCSV for compatibility with
various auditor and vulnerability scanners.
Code improvements:
* Dead and disabled code removal including MD5, Netscape workarounds,
non-POSIX IO, SCTP, RFC 3779 support, many #if 0 sections, and more.
* The ASN1 macros are expanded to aid readability and maintainability.
* Various NULL pointer asserts removed in favor of letting the OS/signal
handler catch them.
* Refactored argument handling in openssl(1) for consistency and
maintainability.
* Support for building with OPENSSL_NO_DEPRECATED
* Dozens of issues found with the Coverity scanner fixed.
Security updates:
- Fix a minor information leak that was introduced in t1_lib.c
r1.71, whereby an additional 28 bytes of .rodata (or .data) is
provided to the network. In most cases this is a non-issue since
the memory content is already public. Issue found and reported by
Felix Groebert of the Google Security Team.
- Fixes for the following low-severity issues were integrated into
LibreSSL from OpenSSL 1.0.1k:
CVE-2015-0205 - DH client certificates accepted without
verification
CVE-2014-3570 - Bignum squaring may produce incorrect results
CVE-2014-8275 - Certificate fingerprints can be modified
CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
Reported by Karthikeyan Bhargavan of the PROSECCO team at INRIA.
The following CVEs were fixed in earlier LibreSSL releases:
CVE-2015-0206 - Memory leak handling repeated DLTS records
CVE-2014-3510 - Flaw handling DTLS anonymous EC(DH) ciphersuites.
The following CVEs did not apply to LibreSSL:
CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
CVE-2014-3569 - no-ssl3 configuration sets method to NULL
CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA
This release also includes a binary package for convenience integrating
LibreSSL on Windows platforms. Feedback is welcome on integration efforts.
As the OpenBSD 5.7 development effort comes to a close, as does the LibreSSL
2.1.x branch. The next release will start the 2.2.x development branch.
The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.